Bug#1030851: bullseye-pu: package symfony/4.4.19+dfsg-2+deb11u2

To: David Prévot <taffit@debian.org>, 1030851@bugs.debian.org
Subject: Bug#1030851: bullseye-pu: package symfony/4.4.19+dfsg-2+deb11u2
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Sun, 19 Feb 2023 18:49:33 +0000
Message-id: <[🔎] a3d093dad8fe5785658c1a2c05fc987c10e5fa3f.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 1030851@bugs.debian.org
In-reply-to: <[🔎] Y+ObRjzpJHaQbj9s@persil.tilapin.org>
References: <[🔎] Y+ObRjzpJHaQbj9s@persil.tilapin.org> <[🔎] Y+ObRjzpJHaQbj9s@persil.tilapin.org>

Control: tags -1 + confirmed

On Wed, 2023-02-08 at 13:53 +0100, David Prévot wrote:
> Two CVEs have been assigned to Symfony, the version currently in
> unstable and bookworm ships the fixes, the attached debdiff is a
> proposal for Bullseye.
> 
> https://symfony.com/blog/cve-2022-24894-prevent-storing-cookie-headers-in-httpcache
> https://symfony.com/blog/cve-2022-24895-csrf-token-fixation
> 

Please go ahead.

Regards,

Adam

Reply to:

References:
- Bug#1030851: bullseye-pu: package symfony/4.4.19+dfsg-2+deb11u2
  - From: David Prévot <taffit@debian.org>

Prev by Date: Processed: Re: Bug#1030709: bullseye-pu: package libvirt/7.0.0-3+deb11u2
Next by Date: Processed: Re: Bug#1030851: bullseye-pu: package symfony/4.4.19+dfsg-2+deb11u2
Previous by thread: Bug#1030851: [pkg-php-pear] Bug#1030851: bullseye-pu: package symfony/4.4.19+dfsg-2+deb11u2
Next by thread: Processed: Re: Bug#1030851: bullseye-pu: package symfony/4.4.19+dfsg-2+deb11u2
Index(es):
- Date
- Thread